You can protect your information assets and ensure that uniform security by applying Agent rule sets. By working in conjunction with the event detection and alerting process, rule sets offer real-time event detection, alerting, and response. The default rule set provides a wealth of UNIX knowledge and an excellent starting point from which to build custom rule sets.
UAM provides a Rule wizard that guides you through creating rules to monitor and react to a number of common conditions, including the following:
Terminating processes
Running specific sensitive commands
Running sensitive commands as a non-root user
Creating, modifying, or deleting specific files
You can deploy the rule sets that you create to any or all of the UNIX computers in your IT environment.